this post was submitted on 03 Oct 2023
308 points (91.0% liked)

Technology

59438 readers
3595 users here now

This is a most excellent place for technology news and articles.


Our Rules


  1. Follow the lemmy.world rules.
  2. Only tech related content.
  3. Be excellent to each another!
  4. Mod approved content bots can post up to 10 articles per day.
  5. Threads asking for personal tech support may be deleted.
  6. Politics threads may be removed.
  7. No memes allowed as posts, OK to post as comments.
  8. Only approved bots from the list below, to ask if your bot can be added please contact us.
  9. Check for duplicates before posting, duplicates may be removed

Approved Bots


founded 1 year ago
MODERATORS
top 13 comments
sorted by: hot top controversial new old
[–] EyesEyesBaby@lemmy.world 144 points 1 year ago* (last edited 1 year ago) (2 children)

Clickbaity title.

Mozilla has provided an update to Firefox version 118.0.1 to close a vulnerability that is already being used to attack Chrome users.

For the second time this month, Mozilla has to patch a 0-day vulnerability in Firefox that initially seemed to affect only Chrome and its derivatives.

Yes it's being exploited, yes you should update, but the vulnerability is not actively exploited in Firefox as far as we (they) know of.

[–] GigglyBobble@kbin.social 49 points 1 year ago (1 children)

118.0.1 was first released on Sept 28 too, so this isn't exactly breaking news.

[–] TrustingZebra@lemmy.one 14 points 1 year ago (1 children)

I was wondering if this happend again so soon, since I already updated last week.

[–] Hyperreality@kbin.social 5 points 1 year ago

Last time this story was posted, this was two updates ago. So unless you haven't upvoted in months, it's a non-issue.

[–] such_lettuce7970@kbin.social 25 points 1 year ago (1 children)

It should also be noted here (you know, TL;DR) that it's also fixed in:
Firefox ESR 115.3.1
Firefox Focus for Android 118.1
Firefox for Android 118.1
Thunderbird 115.3.1

https://www.mozilla.org/en-US/security/advisories/mfsa2023-44/

[–] limewire@lemmy.mywire.xyz 7 points 1 year ago (1 children)

And Tor Browser 12.5.5 which has backported the security fixes from Firefox ESR 115.3.1.

[–] thisbenzingring@lemmy.sdf.org 3 points 1 year ago

Anyone using Tor browser should know that they should check it's updating status before using it. Thankfully it checks itself but still, stay up to date before you browse.

[–] seaQueue@lemmy.world 12 points 1 year ago (3 children)

If anyone wants an easy way to stay on top of browser updates on Android ffupdater does a great job tracking releases for the whole Firefox ecosystem as well as forks and TOR tools.

https://github.com/Tobi823/ffupdater

I have it setup to update Firefox Beta, Mull and Orbot for me as soon as new releases drop.

[–] droidpenguin@lemmy.world 5 points 1 year ago

Obtanium is really good option too and can handle more than just browser updates. Pretty much any Android APK release can be setup and it supports a wide variety of different repository sources.

[–] Stephen304@lemmy.ml 2 points 1 year ago (1 children)

Does that update significantly sooner than the play store or is it mainly for people who don't like to use the play store? Mine is on 118.1 and my play store update history says 3 days ago.

[–] seaQueue@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

The Play release cycle is a little bit randomized. Sometimes releases take a few days or a week to filter out to users. ffupdater pulls as soon as any of its sources are available and it runs a check (I have mine set to check every 6h.) You'll typically get releases the same day the binary becomes available. I can't think of a time the play store has had a release of the Firefox Beta before I've updated with ffupdater.

[–] mojo@lemm.ee 1 points 1 year ago* (last edited 1 year ago)

I love Fennec, but really hate fdroid's build system. It means when they push an update, it can take up to a week for it to actually be downloadable from fdroid. Yet Mull is based on Fennec and can be updated within a day or two, because they're in the IzzyOnDroid fdroid repo.

Actually it's more then a week, because checking right now, Fennec is still on 117.1 which came out 9/22. That's a massive security issue for a web browser.

[–] counselwolf@lemmy.world 2 points 1 year ago

Is this why I've been getting the moz:developer thingy before site loads?